product security
The BlackBerry Product Security Incident Response Team (PSIRT)
The BlackBerry Product Security Incident Response Team (PSIRT) works to make BlackBerry® one of the most secure platforms available. The BlackBerry PSIRT builds collaborative relationships across the industry, monitors the security threat landscape and responds rapidly to emerging incidents to provide customers with the guidance and tools they need to protect their systems and devices.
Securing your organization
Product Security Advisories, Bulletins and Notices
The BlackBerry Product Security Incident Response Team (PSIRT) issues Advisories for vulnerabilities, Notices for high-risk threats under investigation, and Bulletins for system updates. Providing complete protection through timely, authoritative guidance to keep customers secure.
Security Advisory
BlackBerry may issue a security advisory to inform customers about the resolution of a confirmed vulnerability in a supported BlackBerry product to address a confirmed vulnerability. Unlike a security notice (described below), which aims to inform customers of a vulnerability, a security advisory includes information on the security issue as well as the software update that addresses the vulnerability. Customers can expect the advisory to include technical details regarding the vulnerability, mitigations, workarounds and authoritative guidance to reduce their risk. BBPSIRT releases security advisories on the second Tuesday of the month, in alignment with current industry practice. However, if there is imminent risk to customers, we will release a security advisory sooner to help ensure customers are protected.
Security Notice
BlackBerry issues security notices when appropriate to inform customers about high-visibility software vulnerabilities that BlackBerry is investigating and has determined to impact supported BlackBerry products, and is working to address for supported BlackBerry products. Customers can expect security notices to provide mitigations, workarounds, and authoritative guidance to reduce any potential risk. We do not follow a set schedule for issuing security notices, but rather release these notifications as needed to provide customers with information on how best to secure their products.
Security Bulletin
BlackBerry issues security bulletins to notify users of its BlackBerry powered by Android smartphones about available security fixes in its monthly Security Maintenance Release update. The bulletin is in response to the monthly Android Security Bulletin and addresses issues in that bulletin that affect BlackBerry powered by Android smartphones. Customers can expect security bulletins to provide a complete list of security vulnerabilities fixed in the monthly Security Maintenance Release. BBPSIRT regularly releases security bulletins on the first Monday of the month.
Privacy Notice
BlackBerry issues privacy notices to inform customers about third-party applications that do not clearly or adequately inform customers of how the app is accessing and possibly using their data. While such apps do not typically appear to have to have malicious objectives or aim to mislead customers, we want to provide customers with information regarding an app’s behavior in order for them to make an informed decision about whether to continue using the app. Customers can expect privacy notices to include information about the application’s behavior, and how to remove it, if the customer determines that is the best course of action. We release privacy notices as needed on the third Tuesday of the month in order to provide customers with a predictable schedule for receiving information.
Malware Notice
BlackBerry issues malware notices to inform customers about third-party applications that contain code developed with malicious intent. Customers can expect malware notices to provide them with details about the malware’s behavior, potential mitigations and guidance on how to remove it from their device. Similar to security notices, malware notices are released as needed to inform and protect customers, and there is no set schedule. BlackBerry remains committed to providing customers a unique level of protection, especially as mobile devices are playing a greater role in their busy lives. By publicly releasing notices and security updates, we are providing customers with the tools and information that they need to help safeguard their BlackBerry products. Additionally, through this type of public disclosure, we are continuing to foster industry collaboration as we work to improve security for the mobile landscape overall.
Product Security Updates
Product Security Advisories, Bulletins, and Notices
View a full list of Advisories, Notices, and Bulletins issued by the BlackBerry Product Security Incident Response Team, organized by year.
BSRT-2025-001 - Vulnerability in Management Console Impacts BlackBerry AtHoc (OnPrem) (November 19, 2025)
QNX-2025-001 - Vulnerability in PCX Image Codec Impacts QNX Software Development Platform (SDP) (June 10, 2025)
QNX-2024-003 - Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform (SDP) (January 14, 2025)
Updates, Collaborations and Acknowledgements
Security Updates
Helping to protect customers from security threats is the number one priority of the BlackBerry PSIRT. This team provides security updates for publicly released, non-Beta BlackBerry products. The team also scores security issues using the Common Vulnerability Scoring System (CVSS), and those identified as severe are given the highest level of priority. Before the release of a security update, BlackBerry build and test processes must first determine that the update is of the quality customers expect. The BlackBerry PSIRT publishes security advisories and notices to inform you that updates or guidance are available, and provides the details you need to complete a tailored risk assessment.
Collaborations
An essential part of the daily work of the BlackBerry Product Security Incident Response Team (PSIRT) includes collaborating with customers, partners, vendors, governments, academics and the security research community. Ongoing engagement helps BlackBerry deliver a unique level of security that customers depend upon.
Acknowledgements
The BlackBerry PSIRT thanks the list of people and organizations below for reporting security issues under the industry practice of coordinated disclosure and working with the team to protect BlackBerry customers. ("*" Identifies "Super Finder Status", signifying the finder has reported three or more security issues to the BlackBerry PSIRT in the calendar year.)
Acknowledgements By Year
2026
Utsavpari Gosai - https://www.linkedin.com/in/mrxfact0r99
Gaurang Maheta - https://www.linkedin.com/in/gaurang8833
Rhyru9 - www.linkedin.com/in/rhyru-2714a5277
Etienne Charron (RENAULT) / Amael Cattaneo-Ledoux (RENAULT) / Redouane Taoussi (RENAULT) (QNX-2026-001)
2025
Ali Sherif - https://www.linkedin.com/in/ali-sherif-13812b276
Utsavpari Gosai - https://www.linkedin.com/in/mrxfact0r99
Harsh Maheta - https://www.linkedin.com/in/harsh-maheta-7057542a9/
Vishal Kumar - https://www.linkedin.com/in/vishal-kumar-0050b0233/
Omkar Mastmardi - https://www.linkedin.com/in/omkarm13/
Vivek Goswami - https://www.linkedin.com/in/vivek-goswami-cs/
Rohit Kamble - https://www.linkedin.com/in/mr-rohit-kamble
2024
Hitarth Shah - https://www.linkedin.com/in/hitarthshah108/
Haris Ahmed - https://www.linkedin.com/in/haris-ahmed-ethical-hacker/
Everton Silva (Hydd3n) - https://www.linkedin.com/in/everton-hydd3n
Muhammad Humza Zaheer* - https://www.linkedin.com/in/hamza-zaheer-59b677183/
K.Buvaneshvaran - https://www.linkedin.com/in/buvaneshvaran
Raajesh - Infoziant Security - https://www.linkedin.com/company/infoziant
Ishu Jangra
Aviv Keller
Brian Gustafson - https://www.linkedin.com/in/brian-gustafson-25688041
2023
Devansh Chauhan - https://www.linkedin.com/in/devansh-chauhan-b36b6a1b1?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=ios_app
Yash Kulkarni - https://in.linkedin.com/in/yash-kulkarni-065298265
ROCK PRATAP SINGH - https://www.linkedin.com/in/rock-pratap-singh-92a28928b
Infoziant Security
Ishwar Kumar - www.linkedin.com/in/ishwar-kumar-214341284
Durvesh Kolhe - https://www.linkedin.com/in/durvesh-kolhe-012b54211
Fat Selimi
Ori Levi - https://www.linkedin.com/in/orilevicyber/
Aditya Singh - https://www.linkedin.com/in/aditya-singh4180
2022
Harsh Verma (synacktra) - https://www.linkedin.com/in/harsh-verma-2401a0224/
Pauras Patil - https://www.linkedin.com/in/pauras-patil-7469b4190/
Milan Jain (Scriptkiddie) - https://linkedin.com/in/milan-jain-scriptkiddie-50a738213
Faizan Ahmed - http://linkedin.com/in/faizan-ahmed-830444236
Prakash Chand Thakuri - https://www.linkedin.com/in/prakashchand72/
Vinit Lakra - https://www.linkedin.com/in/vinithacker/
Hemant Kashyap - https://twitter.com/Herry51130182
Rohan Prasad Gupta - https://www.linkedin.com/in/rohan-gupta-2209a9190
Madhurendra Kumar - https://www.linkedin.com/in/m14r41/
Eusebiu Daniel Blindu - https://twitter.com/simtobos
NITIN YADAV - https://www.linkedin.com/in/nitin-yadav-11b523223
Satyam Singh - https://www.linkedin.com/in/satyam-singh-893306221/
Love Yadav - https://www.linkedin.com/in/love-yadav-5159611a3/
Hemant Relhan - https://www.linkedin.com/in/hemant-relhan-13503513b
Sugumaran J - https://www.linkedin.com/in/sugumaranj
SALAH EDDINE LOUFFIDI - https://www.linkedin.com/in/salah-eddine-louffidi/
Vinayak Sakhare - https://www.linkedin.com/in/vinayak-sakhare-63b343119/
Milan jain(scriptkiddie) - https://www.linkedin.com/in/milan-jain-scriptkiddie-50a738213?lipi=urn%3Ali%3Apage%3Ad_flagship3_profile_view_base_contact_details%3BIK4eI%2FPYRtugVVpqq6vzsQ%3D%3D
NILESH AGRAWAL KOYO - https://twitter.com/koyohere
Fredric Carl - https://www.linkedin.com/in/fdcarl
Ereshwari Valmik - https://www.linkedin.com/in/ereshwari-valmik/
Yash kushwah (@cyberyash951) - https://www.linkedin.com/mwlite/in/yash-kushwah-a80449229
Harsh Bhanushali - http://linkedin.com/in/harshbhanushali
Khadir Osama Khadir - https://twitter.com/_naplon
LawSoul from SentinelX - CMC CyberSecurity RedTeam at https://cmccybersecurity.com/
Ritik Jangra - https://www.linkedin.com/in/ritik-jangra-03b80a21b
Krishna Agarwal (@Kr1shna4garwal) - https://www.linkedin.com/in/kr1shna4garwal
Dzmitry Smaliak - https://twitter.com/haxxm0nkey
Tolgahan Demirayak - https://www.linkedin.com/in/tolgahandemirayak/
Ramansh Sharma - https://www.linkedin.com/in/ramansh-sharma/
Jan Kopec - Lexfo Security - https://twitter.com/blogresponder https://twitter.com/LexfoSecurite
Swapnil Patil
Amit Kumar Biswas, Security Analyst of Avalance Global Solutions - https://twitter.com/Amitlt2
Zhe Jing
Biswajeet Ray - https://www.linkedin.com/in/biswajeet-ray-397742200
Shirshak Roy
RAAJESH G - Infoziant Security
Nikhil Rane - https://www.linkedin.com/in/nikhil-rane-31733a217
Sick Codes* - https://twitter.com/sickcodes https://www.linkedin.com/in/sickcodes/
Zythop - https://twitter.com/HaboubiAnis
Cristi - https://twitter.com/CristiVlad25 https://leakix.net/u/cristi
Kyaw Myo Han - https://twitter.com/ChrishSec https://github.com/ChrishSec
Roni Baghdady - http://linkedin.com/in/roni-b-4996471b1
2021
Kyaw Myo Han - https://twitter.com/ChrishSec https://github.com/ChrishSec
Aniruddh Mistry - https://twitter.com/Aniruddh_Mistry https://linkedin.com/in/aniruddh-mistry-b8540069
Ahmad Henry Mansour - https://twitter.com/Ahmad_Mansourr
Abilash. V.L - https://abilashvl.info https://twitter.com/AbilashVL
Ebrahim Mahrous Hassan Aref - https://www.linkedin.com/in/ebrahim-aref-8978261b6/
Flaviu Popescu - https://flaviu.io
Daniel Yagudayev - https://www.linkedin.com/in/daniel-yagudayev-cissp-b900b6ba/
Mohammed Adam - https://www.linkedin.com/in/mohammedadam24
Gaurang Maheta - https://www.linkedin.com/in/gaurang883
Niko Nazila Daelami - https://mobile.twitter.com/Hz3666ghost
Swapnil Kothawade - https://www.linkedin.com/in/swapnil-kothawade-813854a7/
Aytac Kalinci* - https://www.linkedin.com/in/aytackalincii/
Adarsh VS - https://www.linkedin.com/in/adarsh-vs/
Pethuraj M - https://www.pethuraj.com
RAAJESH.G* - https://www.linkedin.com/in/raajesh-258a93173/
Jebarson Immanuel - https://www.linkedin.com/in/jebarson-immanuel/
Hoang Quoc Thinh (@g4mm4) from RedTeam of VNG Corp - https://www.vng.com.vn
Nitin Bhangare - https://www.linkedin.com/in/nitin-bhangare-3b248383/
Vikas Yadav - Twitter: @Mrrobot1o1
Ravindra Dagale - https://www.linkedin.com/in/ravindra-dagale-5b0913151/
Daniel Blindu - https://twitter.com/eblindudaniel
Nilesh Yadav - https://www.linkedin.com/in/nilesh-yadav-43b6b716b/
Harinder Singh(S1N6H) - https://www.linkedin.com/in/lambardar
Yingjie Cao* - Sky-Go Team, Qihoo 360 Group
Gourab Sadhukhan - https://www.linkedin.com/in/gourab-sadhukhan-71158216a/
Mohd.Danish Abid - https://www.linkedin.com/in/mohd-danish-abid-2083401b3
Aswin Krishna - https://twitter.com/733n_wolf
Hasibul Hasan Rifat - https://twitter.com/rifatsec
Alan Abhilash - https://twitter.com/alan_abhilash
Tony Marcel Nasr
Divya Singh - @Dgirlwhohacks
Hariprasaanth R* - www.linkedin.com/in/hariprasaanth
Muhammad Asjad Sheikh - https://www.linkedin.com/in/asjadd/
2020
Daniel Yagudayev - https://www.linkedin.com/in/daniel-yagudayev-cissp-b900b6ba/
Harshal S. Sharma - https://www.linkedin.com/in/harshalss-war10ck/
ahmad alassaf - https://www.linkedin.com/mwlite/in/ahmad-alassaf-63811218a
Pritam Dash - https://linkedin.com/in/pritam-dash-116931171/
Xie Ziming and Yan Minrui, 360 SkyGo Team
Naveen Kumawat(nvk) - https://twitter.com/nvk0x
Jeya Seelan S - https://www.linkedin.com/in/jeyaseelans
Omar Khaled Amin ( powerjacobb1 )
Nandigama Sai Shankar
Kirtan Patel - https://www.linkedin.com/in/kirtan-patel-02a239166
Talib Nadeem Usmani, Honeywell Cybersecurity CoE - HCE - https://www.linkedin.com/in/talib-usmani/
Pankaj Upadhyay* - https://pankajupadhyay.in/
Mohamed Saqib C - https://www.linkedin.com/in/mohamed-saqib
Drew Green & Ken Smith, Bank of America
Wai Yan Aung, @waiyanaun9
Nikhil Sahoo - https://www.linkedin.com/in/nikhil-sahoo-87204b106/
Janmejaya Swain - https://www.linkedin.com/in/janmejayaswainofficial
Agrah Jain - https://www.linkedin.com/in/agrahjain
Prakash Kumar Parthasarathy - https://www.linkedin.com/in/prakashofficial
Team from Robert Bosch Engineering and Business Solutions
Debojyoti Bhattacharya https://in.linkedin.com/in/debojyoti-bhattacharya-2777655
Rajat Jaiswal https://www.linkedin.com/in/rajat-jaiswal-77033b156
Basavaraj Kurugod https://www.linkedin.com/in/basavaraj-kurugod-642712163
Sandeep Parvatikar https://www.linkedin.com/in/sandeep-parvatikar-28a32623
Zin Min Phyo - https://www.facebook.com/zinminphy0
Bala Elangovan
Neel Vishwakarma
Arshad Kazmi - https://twitter.com/arshadkazmi42
Harsh Rajesh Parekh - https://www.linkedin.com/in/harsh-parekh-8b31211a1
Shivang Trivedi - https:/www.linkedin.com/in/shivang-triedi-a149b2190/
Mehmet Can GÜNES - https://twitter.com/mehmetcangunes
Pratik Dabhi - https://in.linkedin.com/in/pratikmdabhi
2019
Abid Gul Shahid *
An Phuoc Trinh, @_tint0
Wai Yan Aung @waiyanaun9
Kasper Karlsson https://omegapoint.se/
B.Dhiyaneshwaran
Michael Magdy @michael74301043
Dr. Harsh Joshi - https://facebook.com/harshjoshi.85
Ahmad Halabi - https://www.facebook.com/dragon.shaheen1
Karann Salunke - @baabayaga07
Hunter Abubakar - @hunterabubakar
N. Karthik
S.P. Vasantha Kumar, Vishnu Raj - Infoziant
Ketan Madhukar Mukane @eSecHax0r
Octav Opaschi, Detack GmbH - detack.de
Tinu Tomy @TinuRock007
Sajjan Singh Nehal
Pan Chau, Anchor Capital Advisors, LLC
Sameer Phad
Mustafa Diaa - @c0braBaghdad1
Angel Tsvetkov https://www.facebook.com/Angel.xkorem
Tomer Bar - Bug Sec - https://www.linkedin.com/in/tomer-bar-9b15aa137/
Vishal K Bharad - https://www.linkedin.com/in/vishal-bharad-b476b388/
Tijo Davis - https://www.linkedin.com/in/tijo-davis-a906a7141
YoKo Kho - @YoKoAcc - RnD at Mahapatih Sibernusa Teknologi, PT
Lorenzo Pirondini, Netcentric, a Cognizant Digital Business - https://www.linkedin.com/in/lorenzo-pirondini
Pankaj Kumar Thakur (Nepal) - https://linkedin.com/in/pankaj1261
Lutfu Mert Ceylan
2018
Samet Sahin @F4LCONE_
Amine HM
Ali Hassan Ghori | Danish Tariq
Tayyab Qadir facebook.com/tqMr.EditOr
Dhaval Ramani facebook.com/erdhaval.patel
Karthikeyan Subramaniyan
Emad Shanab @Alra3ees
Sara Badran
Wai Yan Aung @waiyanaun9
An Phuoc Trinh, @_tint0
Rafael Pedrero Rodriguez - Telefonica Spain
Rupert Applin
2017
Vineet Kumar @the_real_clown
Suyog Palav
Kenan Genç
Sadik Shaikh https://www.extremehacking.org/
Akbar kp www.facebook.com/aKx.nInja
João Filho Matos Figueiredo github.com/joaomatosf
Mahmoud Osama @Mahmoud0x00
Sarankumar VB facebook.com/saranvbz
Mohd Aqeel Ahmed (Ciph3r00t) facebook.com/ciph3r00t
Suleman Malik @sulemanmalik_3
Jon Bottarini @jon_bottarini
Sadik Shaikh https://www.extremehacking.org/
2016
Rahmat Nurfauzi
Md Sameull Islam
Shivbihari Pandey
Ye Yint Min Thu Htut
Jose Carlos Exposito Bueno
Mohammed Abd Elmageed Eldeeb
Latish Danawale, Pristine Infosolutions
Jay K Patel
Mohamed Abdelbasset Elnouby, Seekurity Inc.
Yogendra Jaiswal(mogli)
Chris Novakovic, Imperial College London
Azam of Sandjaya @TheRealAzams
Sajibe Kanti
Sami Drif
Saurabh Pundir of Torrid Networks Pvt Ltd
Christoph Haas of Securai
Maciej Grabiec of ING Services Polska
Teemu Kääriäinen
Harsh Jaiswa of Bugdisclose
Alec Blance
Ayoub Nait Lamine, Technawi
Glenn Whatley, Protec UK
2015
Shahmeer Amir @shahmeer_amir; Maad Security
Ahmed Khouja
Chandrakant Nial
Manish Agrawal
Gritli Skander
Geetanjali Das, TCS
OthmaneTamagart
Nikhil Mittal
Ratna Sekhar
Pratik Satapathy
Mohamed Chamli
Karim Mohamed Ahmed
ALI KASMOU
Mohammad Abuhassan
Yakov Shafranovich, Shaftek Enterprises LLC
YoKo Kho @YoKoAcc
Pratyush Anjan Sarangi
Charlie Hothersall-Thomas, Netcraft
Sergio Maffeis, Imperial College London
Chris Novakovic, Imperial College London
Adam Lange, @AdamLangePL
Sachin Wagh
DirtyThy, @DirtyThy
Cyber Warrior Bug Researchers
Michal Koczwara
Muhammad Zeeshan
Ahmed Adel Abdelfattah
Murat YILMAZLAR
Danyal Zafar
Rui Silva
Ahmed Y. Elmogy
Khair Alhamad @Khair_Alhamad
Bayrem Ghanmi; Zenzemi Amine; Dorra Mimita Tunisian White hat Security; Ben khlifa fahmi Tunisian White hat & ArabOUG Security
Russel Van Laurio
Konduru Jashwanth ( ProEmTech Infosystems Private Limited)
Mohamed Khaled Fathy
Ahmet Can TUNÇKILIÇ
C Vishnu Vardhan Reddy twitter
Pratap Chandra
Ishwar Prasad Bhat (Vel Tech Multi Tech Dr.Rangarajan Dr.Sakunthala Engineering College, Avadi)
Douglas Berdeaux;
Sane Sindhuja Reddy
Gökay Gündogan
HusseiN98D,@hussein98d, 1nsp3ctus
Bharat Sewani (individual Bug Hunter)
Adeleh Mansori, Ramin Farajpour Cami
Joe Balhis
Mohammad Naveed
Jakub Pałaczyński of ING Services Polska
2014
Abhishek Dashora
Shahee Mirza, @shaheemirza
Mayur Agnihotri
Badí' Yee Tzyypirng, @badiyee
Abdul Wasay, @AWasayRazzak
Ahmed Hassan Awan, @hassanawans
Rajat Khanna of PricewaterhouseCoopers
>Justine Edic
Rajeewgandhi Jeyaraj
Myaseen Khan, myaseen.khan@hotmail.com
Provensec Labs
Mohammad Yaseen Khan
Madhu Akula, @madhuakula
Hardik Tailor, @iamhardiktailor
Simone Memoli, @Simon90_Italy
Filippos Mastrogiannis, @Simon90_Italy
Jatinder Pal Singh
Sergio Galán, "NaxoneZ" @NaxoneZ
Rodolfo Godalle, Jr.
Chris John Riley, @ChrisJohnRiley
Dawid Czagan
Nenad Stojanovski of Spotify
Yogesh Modi
Sandeep Singh
Ankit Bharathan
Surya Subhash, @pbssubhash
Parveen Nair of Kerala Cyber Squad
Web Plus
Teguh P. Alko
Erik van Oosbree, @mildata
Prafull Agarwal
Ketan Sirigiri, Cigniti Technologies Ltd.
Marc Rivero López of Aiuken Solutions, @seifreed
Wang Jing
Shikhil Sharma, Czar Securities
El Hadjeui Jamal Eddine, @JamalC0m
Koutrouss Naddara
Mohamed Osman Saeed, @krmalab
Daniel Vasu, RST Forums
Nakul Mohan, @Nakul_Mohan_Cia
Jerold Camacho, @karapsyon
Kamil Sevi, @kamilsevi
Frank Dick
Vinesh N. Redkar, @b0rn2pwn
Gurjant Singh and Mayank Kapoor of Hackerdesk
Vedachala, @vedachalaka
Fernando Muñoz
2013
For presenting at the BlackBerry Security Summit, June 2013:
Justin Clarke of Cylance
Dan Guido of Trail of Bits, Inc.
Miaubiz
Jason Shirk of Microsoft
Adam Meyers of Crowdstrike
Kurt Baumgartner of Kaspersky
For identifying and reporting a security issue to BlackBerry:
Ravindra Singh Rathore, @ravindra_hacks
Aditya K Sood of SecNiche Security Labs, @AdityaKSood
Paras Pilani of AKS IT Services
Rishiraj Sharma, @ehrishiraj
Vedachala, @vedachalaka
Pralhad Chaskar, @c0d3xpl0it
Ravikumar Paghdal, @_RaviRamesh
Pobereznicenco Dan of RSTforums
Sahil Saif, @bewithsahilsaif
Muhammad Talha Khan (MTK), @M7K911
Paul O'Grady, @3v0lver
Charlie Briggs, @Charlie_N_B
Dylan Scott Hailey, @TibitXimer
Ajay Negi, @AjaySinghNegi and Prashant Negi, @prashantnegi_
Deepankar Arora, @sec403 and Nipun Jaswal, @nipunjaswal
Shahee Mirza, @ShaheeMirza
Adam Ziaja, @adamziaja
Cernica Ionut Cosmin
Abdullah Hussam Gazi, @Abdulahhusam
Koutrouss Naddara
Shubham Shah @infosec_au
Appthority
Ankit Bharathan
Shashank of Pwnsecurity, @cyberboyIndia
Anagha Devale-Vartak of Avsecurity
Jatinpreet Singh, @SillyGeek
Avilash Kumar and Toshendra Sharma
Gökmen GÜRESÇI @GokmenGuresci
Juan Broullón Sampedro, @The_Pr0ph3t
Jayvardhan Singh, @Silent_Screamr
Nikhalesh Singh Bhadoria, @nikhaleshsingh
Umer Shakil, @umer_djzz
Mockingbird
Gordon Johnson of leetupload, @leetupload
Deepak Kivande
Sebastian Neef and Tim Schäfers of Internetwache, @internetwache
Wang Qiushi, @qiushi_w
Monendra Sahu, @mohitnitrr
Siddhesh Gawde, @pen3t3r
Chiragh Dewan , @ChiraghDewan
Tushar Rajhans Kumbhare, Defencely
Ehraz Ahmed, @securityexe and Umraz Ahmed, @umrazahmed
Shubham Raj, Openfire Security
Priyal Viroja
Anand Prakash, @sehacure
Sandeep Singh Rehal, @Sandeep_Rehal
J Muhammed Gazzaly, @gazly
Rishal Dwivedi of Bhavan's Vivekananda College, @rishaldwivedi and Manjot Singh of Rimt College Mandi Gobindgarh
Ahmad Ashraff, @yappare
Yuji Kosuga, @yujikosuga
Sunil Dadhich, @Sunil_Dadhich7
2012
For presenting at the BlackBerry Security Summit, June 2012:
Robert C. Seacord of the Secure Coding Initiative at CERT, located at Carnegie Mellon’s Software Engineering Institute (SEI)
Michael Eddington of Deja vu Security
Vincenzo Iozzo of Trail of Bits, Inc.
Andy Davis of NCC Group
Zach Lanier of Veracode
Dino Dai Zovi of Trail of Bits, Inc.
Joshua Lackey of AT&T
Willem Pinckaers of Matasano Security
For identifying and reporting a security issue to BlackBerry:
Andy Davis of NCC Group
Tim Brown, Nth Dimension
2011
For identifying and reporting a security issue to BlackBerry:
Frank Dick
Zach Lanier of Veracode
Professor Keith Mayes and Lishoy Francis from the ISG Smart Card Centre, Royal Holloway, University of London
Richard Leach of NCC Group
Ivan Huertas
Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers, reported via TippingPoint and the Zero Day Initiative
Laurent Oudot of TEHTRI Security
Previous Acknowledgements
For identifying and reporting a security issue to BlackBerry:
Isaac Dawson
Jean-Luc Giraud of the Citrix security team
Sheran Gunasekera of ZenConsult
OYXin of Nevis Labs, Aviram Networks, Inc.
CESG
Ken Millar of Sensient Technologies Corporation
Michael Thumann of ERNW
Martin O'Neal and Stephen de Vries of Corsaire
eEye Digital Security, working with US-Computer Emergency Readiness Team Coordination Center (CERT/CC)
Sonic Solutions
US-Computer Emergency Readiness Team Coordination Center (CERT/CC)
FX of Phenoelit
Imad Lahoud of the EADS Corporate Research Center IT Security Lab in France
Product Security Incident Response
Discovered a Security Vulnerability?
If you suspect you have a security vulnerability in a supported BlackBerry product, you can report it using the button below or send an email to secure@blackberry.com.